2 min read

More than 230 Million US Health Records Have Been Stolen or Lost in Past Decade

Alina BÎZGĂ

September 09, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
More than 230 Million US Health Records Have Been Stolen or Lost in Past Decade

The data breach phenomenon has been plaguing the US healthcare sector for more than a decade, with a 2,733% increase between 2009 and 2019, according to a PrivacyAffairs study.

Through analysis of reported healthcare data breaches over the past decade, researchers have revealed some alarming statistics:

• 3,054 data breaches were disclosed between 2009-2019
• 230,954,151 healthcare records have been lost, stolen or exposed
• Healthcare data breaches have impacted 70% of US citizens

Although the causes of healthcare data breaches range from human negligence to geopolitical cyberattacks, more often than not, stolen healthcare records end up for sale on underground marketplaces.

According to the study, 2015 was the worst year in the past decade in terms of the number of healthcare records.

“This is primarily due to the Anthem Inc. data breach that exposed personally identifiable medical records of 28.8 million people,” the paper reads. “2018 and 2019 saw a sharp increase in the number of individuals affected by healthcare data breaches, with a six-fold increase between 2017 and 2019.”

Hacking was the main cause of all the most significant attacks, including the Anthem Inc. breach that affected 78.8 million individuals.

When it comes to the highest number of reported healthcare data breaches, 2019 saw 303 reports, compared to 423 reports disclosed between 2016 and 2018.

Researchers also noted that human negligence plays an important role in the exposure of personal health information (PHI), with many incidents occurring due to the theft of an unencrypted and unsupervised device, such as a personal computer. Improper disposal of PHI has also been responsible for leaking over 1 million patient records, the study shows.

“When data is no longer needed, it must be carefully disposed of,” researchers warned. “Old hard drives must be fully sanitized, rather than simply wiped. Where personal data is concerned, complete destruction of storage devices is recommended.”

Cybercriminals often target medical records and data due to the variety and sensitive nature of information held by healthcare organizations. Although healthcare providers have regularly invested in cybersecurity programs, many still use outdated systems and poorly secured devices that leave them extremely vulnerable to cyberattacks.

“Hospital IT teams are often so busy with simply keeping systems and databases working correctly that data security becomes a lower priority,” researchers said. “This means that known vulnerabilities are often left unpatched and systems not updated.”The number of interconnected IoT devices within hospitals also make for a suitable entry point for attackers who wish to gain access to a healthcare providers” network.

Medical devices don”t usually come with built-in security measures, and IT teams are not necessarily equipped with the human resources needed to handle their maintenance. With most medical IoT devices left unsecured, attackers can easily exploit them, gaining access to critical internal systems.

Check now if your personal info has been stolen or made public on the internet, with Bitdefender”s Digital Identity Protection tool.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Half of consumers don’t follow up on data breach notification practices, do you? Half of consumers don’t follow up on data breach notification practices, do you?
Alina BÎZGĂ

November 23, 2021

2 min read
Unsecure Server Exposed 200 Million Records of Adult Webcam Models and Users Online Unsecure Server Exposed 200 Million Records of Adult Webcam Models and Users Online
Alina BÎZGĂ

November 19, 2021

2 min read
Don't Let Cybercriminals Steal Your Digital Thunder Don't Let Cybercriminals Steal Your Digital Thunder
Alina BÎZGĂ

October 29, 2021

2 min read